IoT device vendor Wyze says a server leak exposed data, including email addresses, camera user IDs, and WiFi SSIDs, of ~2.4M customers from Dec. 4 to Dec. 26
Details for 2.4 million users were exposed online for 22 days. — Wyze, a company that sells smart devices like security cameras …
ZDNet Catalin Cimpanu
Related Coverage
- [Updated 12-29-19] Data leak 12-26-2019 Wyze Community · Dongsheng
- Wyze data leak may have exposed personal data of millions of users CNET · Steven Musil
- Employee error to blame for massive data leak, Wyze says Ars Technica · Kate Cox
- The personal data of millions of home security camera owners was just exposed online. Business Insider · Aaron Holmes
- Wyze Confirms Two Unprotected Databases Potentially Exposed 2.4 Million Customer's Data Tom's Hardware · Nathaniel Mott
- [Updated 12-27-19] Data leak 12-26-2019 Wyze Community · Dongsheng
- Wyze reports another compromised database, leaked information still unknown SlashGear · JC Torres
- Smart camera maker Wyze hit with customer data breach CNN · Chris Isidore
- Wyze Massive Data Leak IPVM · John Honovich
- Holiday Superstar Wyze Suffers Data Leak, and Amazon Makes Returns Easy Fortune
- 2.4M Wyze's Users' Personal Data May've Been Left Exposed International Business Times · Nica Osorio
- Wyze Security Camera Users Personal Data Leaked, 2.4-Million Affected iPhone Hacks · Mahit Huilgol
- Security experts disclosed Wyze data leak Security Affairs · Pierluigi Paganini
- Wyze camera security breach: 2.4M users have personal data exposed 9to5Mac · Ben Lovejoy
- Wyze leaks personal data for 2.4 million security camera users Yahoo Finance · Georgina Torbet
- IoT maker Wyze suffers data leak, exposes personal data of 2.4 million customers TechSpot · Rob Thubron
- Wyze data leak exposed millions of customers The Daily Dot · Andrew Wyrich
- Wyze Smart Device Co Leaks 2.4M Customers' Data PYMNTS.com
- Data leak by IoT device maker Wyze exposes personal information of 2.4 million people Mashable · Amanda Yeo
- Wyze data leak: Key takeaways from server mistake that exposed information from 2.4M customers GeekWire · Christopher Budd
- Wyze exposes 2.4M customer records via unsecured Elasticsearch database SiliconANGLE · Duncan Riley
- Wyze customers hit by online data leak, company confirms Digital Trends · Trevor Mogg
- Report alleges massive Wyze data breach, but many questions remain SlashGear · Brittany A. Roston
- Wyze Exposes User Data via Unsecured ElasticSearch Cluster BleepingComputer · Sergiu Gatlan
- Alleged data breach 12-26-2019 Wyze Community · Dongsheng
- Wyze Essay 1 - Beijing Dragon Network Co Ltd. Twelve Security · Ghost
- Wyze data breach includes some customer information Android Central · Nicholas Sutrich
- Wyze data breach affects 2.4 million customers Input · J. Fergus
- Privacy scare leads Wyze to unpair all devices from Google Assistant and Alexa, you'll need to add them back Android Police · Jules Wang
Discussion
-
@wesbos
Wes Bos
on x
Been a huge fan of Wyze and it's really disappointing to see sloppy / careless management of our data. Doesnt look like any camera access was leaked, but some dat was and it doesn't make me feel good. huge step back for confidence in IOT https://forums.wyzecam.com/...
-
@mayhemdayone
Bob Diachenko
on x
As per my records, Wyze had huge Elasticsearch cluster publicly exposed. It included 1,807,201,457 records: log data, API requests and events. https://forums.wyzecam.com/...
-
@gabsmashh
@gabsmashh
on x
prediction: 2020 is going to be the year of scrambling for IoT security. https://www.cnet.com/...
-
@mattdlockyer
Matt Lockyer
on x
This is happening to every company on Earth eventually... https://www.cnet.com/...
-
@iansherr
Ian Sherr
on x
Me: Ugh. I expect this from my WiFi-enabled refrigerator, not a home camera company. Also me: I wonder what interesting WiFi ssid's people have come up with. https://twitter.com/...
-
@campuscodi
Catalin Cimpanu
on x
This is not how “responsible disclosure” works. In the past, I've waited weeks for some companies to secure servers. These guys couldn't wait a f***ing day. Talk about being unprofessional. 14 minutes (my bad, not 9) means you didn't actually care about disclosure at all https://…
-
@davezatz
Dave Zatz
on x
Wyze has added additional information about the database exposure. The “researcher” who publicly disclosed the info sounds more like a hacker, or at the very least, a hack. https://forums.wyzecam.com/...
-
@troyhunt
Troy Hunt
on x
This one impacting @WyzeCam looks pretty serious. Original public disclosure (which looks like it may have been made prematurely) is here: https://blog.12security.com/ wyze/ https://twitter.com/...
-
@wyzecam
Wyze
on x
Everyone should be required to login to their Wyze app again due to a security precaution taken this afternoon. You can learn more here: https://forums.wyzecam.com/...
-
@aaron_pearce
Aaron Pearce
on x
Well this isn't good for Wyze. Emails, Alexa tokens, API tokens, WiFi SSIDs, internal network layouts and more. https://twitter.com/...